A storage server is a processing system that is used to store and retrieve data on behalf of one or more clients on a network. A storage server operates on behalf of one or more clients to store and manage data in a set of mass storage devices, such as magnetic, optical or solid-state storage-based disks or tapes. In conventional network storage systems, the mass storage devices can be organized into one or more groups of drives (e.g., redundant array of inexpensive drives (RAID)).
A storage server can be configured to service file-level requests from clients, as in the case of file servers used in a Network Attached Storage (NAS) environment. Alternatively, a storage server can be configured to service block-level requests from clients, as done by storage servers used in a Storage Area Network (SAN) environment.
Further, some storage servers are capable of servicing both file-level and block-level requests, or other types of data access such as content-level requests, as done by certain storage servers made by NetApp, Inc. of Sunnyvale, Calif.
Some storage servers manage the storage of different kinds of data on storage subsystems, including sensitive data such as credit card numbers or social security numbers. If a disk is acquired by an unauthorized third party, data stored on that disk may be accessed and misused. Encrypting that data while it is stored on the disk makes it significantly more difficult for an unauthorized third party to access the data.
Various reasons exist to delete data from a disk. For example, if the disk is to be retired from use, sensitive data is deleted from the disk. One way of deleting data from a disk is to reformat the disk to zero-out all of the data storage in the disk. Another way of deleting all or part of a disk is to encrypt the portion of data to be deleted, and then destroy the key.
Effective on-disk encryption requires that a plaintext, or un-encrypted, version of data not be written to disk. Existing solutions encrypt the data while it is stored in memory, such as a cache. Encrypting the data in the cache prevents using that data to satisfy a cache read, since the cache read requires a plaintext version of the data. The plaintext version of the data is destroyed when the data is encrypted in the cache.